Abstract: In order to solve the problem that Camenisch-Stadler’s group signature scheme could not revoke members, a new revocation scheme based on the Camenisch-Stadler’s group scheme was proposed, allowing the group manager to add new members or revoke old members flexibly and freely. When a member joins the group, the group manager issues member certificate to him (her), and other members need not update the key and certificate; when a member is revoked, the group manager only adds the anonymous identity to revocation list, and other members need not update the key and certificate either. Furthermore, the length of the signature and the computational effort are independent of the number of the group members and the revoked members, so the new scheme is more suitable for large group and the group with members’ heavy updates.